Apple’s Video-Calling ‘Eavesdropping’ Bug

Apple Inc has found itself at the centre of a security alert after a bug in group-calling of its FaceTime video-calling feature has been found to allow eavesdropping of a call’s recipient to take place prior to the call being taken.

Sound, Video & Broadcasting

As well as allowing the caller to hear audio from the recipient’s phone even if the recipient has not yet picked up the call, if the recipient has pressed the power button on the side of the iPhone e.g. to silence / ignore the incoming call, the same bug was also found to have allowed callers to see video of the person they were calling before that person had picked up the call. This was because pressing the power button effectively started a broadcast from the recipient’s phone to the caller’s phone.

Data Privacy Day

Unfortunately for Apple, insult was added to injury as news of the bug was announced on Data Privacy Day, a global event that was introduced by the Council of Europe in 2007 in order to raise awareness about the importance of protecting privacy. Shortly before news of the Apple group FaceTime bug was made public, Apple’s Chief Executive, Tim Cook, had taken to Twitter to highlight the importance of privacy protection.

It Never Rains…But It Pours

To make things even worse, news of the bug was made public on the day before Apple was due to announce its reduced revenue forecast figures as part of its quarterly financial results. Apple has publicly reduced its expected revenue forecast by £3.8bn. Apple’s chief executive put the blame for the revised lower revenue mainly on the unforeseen “magnitude of the economic deceleration, particularly in Greater China”. He also blamed several other factors such as a battery replacement programme, problems with foreign exchange fluctuations, and the end of carrier subsidies for new phones.

Feature Disabled

In order to close the security and privacy hole that the bug created, Apple announced online that it had disabled the Group FaceTime feature at 3:16 AM on Tuesday.

Fix On The Way

Apple has announced that a fix for the bug will be available later this week as part of Apple’s iOS 12.2 update.

What Does This Mean For Your Business?

Apple has disabled the Group FaceTime feature with the promise of a fix within days, which should provide protection from any new attempts to exploit the bug. Those users who are especially concerned can also decide to disable FaceTime in the iPhone altogether via the phone’s settings.

Even though the feature has been disabled, the potential seriousness of allowing eavesdropping of private conversations and the broadcasting of video from a call recipient’s phone appears to have been a major threat to the privacy and security of some Apple phone users. This has caused some tech commentators to express their surprise that a bug like this could be discovered in the trusted, trillion-dollar company’s products, and concern to be expressed that those users who, for whatever reason, don’t update their phones to the latest operating system, may not be protected.